Name: Cisco Catalyst 4500 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

49-112

Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex

Chapter 49 Configuring 802.1X Port-Based Authentication

Controlling Switch Access with RADIUS

To configure the switch to recognize and use VSAs, perform these steps:

Note For a complete list of RADIUS attributes or more information about vendor-specific attribute 26, see the

“RADIUS Attributes” appendix in the Cisco IOS Security Configuration Guide, Release 12.2 from the

Cisco.com page under Documentation > Cisco IOS Software > 12.2 Mainline > Command

References.

Configuring the Switch for Vendor-Proprietary RADIUS Server Communication

Although an IETF draft standard for RADIUS specifies a method for communicating vendor-proprietary information between

the switch and the RADIUS server, some vendors have extended the RADIUS attribute set in a unique way. Cisco IOS software

supports a subset of vendor-proprietary RADIUS attributes.

As mentioned earlier, to configure RADIUS (whether vendor-proprietary or IETF draft-compliant), you must specify the host

running the RADIUS server daemon and the secret text string it shares with the switch. You specify the RADIUS host and

secret text string by using the radius-server global configuration commands.

To specify a vendor-proprietary RADIUS server host and a shared secret text string, perform this task:

Command Purpose

Step 1

Switch# configure terminal

Enters global configuration mode.

Step 2

Switch(config)# radius-server vsa

send [accounting |

authentication]

Enables the switch to recognize and use VSAs as defined by RADIUS IETF

attribute 26.

• (Optional) Use the accounting keyword to limit the set of recognized

vendor-specific attributes to only accounting attributes.

• (Optional) Use the authentication keyword to limit the set of

recognized vendor-specific attributes to only authentication attributes.

If you enter this command without keywords, both accounting and

authentication vendor-specific attributes are used.

Step 3

Switch(config)# end

Returns to privileged EXEC mode.

Step 4

Switch# show running-config

Verifies your settings.

Step 5

Switch# copy running-config

startup-config

(Optional) Saves your entries in the configuration file.

Command Purpose

Step 1

Switch# configure terminal

Enters global configuration mode.

Step 2

Switch(config)# radius-server host {hostname |

ip-address} non-standard

Specifies the IP address or hostname of the remote

RADIUS server host and identify that it is using a

vendor-proprietary implementation of RADIUS.

Other manuals for Cisco Catalyst 4500 Series

Manual19 pages

Command Reference Guide1230 pages

System Message Guide150 pages

Configuration Guide1610 pages

Administration Guide1814 pages

Message Guide146 pages

Installation Guide194 pages

Datasheet11 pages

Overview46 pages

Quick Reference Guide59 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General

Series	Catalyst 4500 Series
Category	Switch
Layer Support	Layer 2, Layer 3
Form Factor	Modular chassis
Stackable	No
Chassis Slots	3, 6, 7, 10
Power Supply Options	AC, DC
Redundancy	Power supply, Supervisor engine
Network Management	Cisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
Features	Security, QoS
Port Density	Up to 384 ports per chassis
Security Features	802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine	8-E